CVE 5.1 MEDIUM

Otsuka Information Technology|FMS – Reflected Cross-site Scripting_CVE-2025-13589

November 24, 2025 invoker category_cve
5.1 / 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Description

FMS developed by Otsuka Information Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

Basic Information

ID CVE-2025-13589
Source twcert
Published Nov 24, 2025 at 03:09

Affected Product

Vendor Otsuka Information Technology
Product FMS
Affected Versions Otsuka Information Technology FMS 0

CWE Classification

CWE-79

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.